 |
|
|
|
|
|
دورات تدريبية |
|
اتصل بنا |
|
|
Learn How To: § Assess the need for wireless Technologies § Choose and evaluate wireless technologies § Architect a wireless solution for multistage-defense § How to architect a wireless security management solution § How to plan a pilot project for wireless network § How to build a wireless test lab § Identify wireless threats and risk § Hacking a wireless network system § Identify Rogue Access Points § Gain practical extensive experience with various technologies § Deployment and Performance challenges § How to deploy and Manage wireless network solution
AAAA Wireless security workshop is the ideal course for individuals that have basic experience networking or security, but would like more information regarding how to protect their wireless networks. The course is uses the paradigm that learning how hacking attacks work, this will empower the administrator to successfully defend the wireless network. Common threats and configuration mistakes are explained and attacks are demonstrated, timely advice is given on how to put in place the countermeasures to prevent these attacks. Insight is also given into analyzing and determine whether an hacking attack has taken place. Hands-on labs are performed during the course so that practical aspects of the material can be applied in the real world.
Course Timings The seminar will run from 09:00 to 17:00 daily. Breaks will be taken at regular intervals throughout the day. Pre-requisites A basic understanding of information technology, operating systems and networking. Duration 2 Days Who Should Attend This course is designed for IT administrators, engineers and managers who are responsible for the day-to-day operation and/or protection of their organizations' wireless networks. The following professionals benefit best from this course: § Systems Administrators § Wireless Network Administrators § Support Analysts § Network Engineers § IT Managers § Security Managers § System Managers
Course Content Day 1
§ Business Case for Wireless § Description of wireless threats Overview of Wireless Networking § WLANs, WWANs, WPANs § 802.11 a,b,g § 802.11 Architecture § 802.11 Characteristics § 802.11 Network and Data Security § 802.11 Authentication § 802.11 Privacy (WEP) § 802.11 Key Management
Wireless Security Problems § Security Requirements and Threats § Passive Attacks § Active Attacks § Loss of Confidentiality § Eavesdropping § Traffic Analysis § Loss of Data Integrity § Loss of Network Availability § Denial of Service Attacks & RF Jamming
§ Default SSID § Default password § Unauthorized Clients § Rogue Access Points § WEP weaknesses § Short Cryptographic Keys § Shared Cryptographic Keys § Lack of Key Management § Weak Packet Integrity § Bypassing MAC ACLs § Client Security Problems
Wireless Security Countermeasures § Risk Mitigation § Management Countermeasures § Operational Countermeasures § Physical Security Countermeasures § TKIP § 802.1x/EAP § EAP-MD5 § EAP-TLS § LEAP § PEAP § WPA § 802.11i § Advanced Encryption Standard (AES)
More Wireless Security Countermeasures § Building a Wireless Honeypot § Implementing Client-Side Security in a Wireless Network § Deploying LDAP/Active Directory Authentication § Deploying RADIUS Authentication § Segmentation of Wireless Access Points with DMZs and VLANs § Deploying SSL and IPSec VPNS in a Wireless Network § Using SSH2 in a Wireless Network
Day 2
§ Detecting Scanning and Traffic Analysis § Detecting Rogue Access Points § Detecting Man-In-The-Middle Attacks § Detecting RF Jamming and Denial of Service Attacks § Detecting Brute-force SSID Attacks § Detecting WEP Cracking Attempts § Detecting Attempts to Bypass 802.1x Authentication § Deploying a wireless IDS § Final Audit Scan of Network
Implementation § Putting it all together § Developing a Wireless Security Policy § How to stay up-to-date § Further reading § Conclusions Workshops § Network Mapping & Site Surveying with Kismet, Wellenreiter, and NetStumbler. § Wireless traffic analysis with Kismet and Wellenreiter. § Connecting to Rogue Access Points § Using Ethereal to sniff and analyze unencrypted wireless traffic. § Traffic injection with AirJack § Configuring WEP § Using AirSnort and WEPCrack to sniff and analyze WEP traffic § Traffic Injection with Wepwedgie § Configuring MAC ACLs § Spoofing MAC addresses § Faking out the attackers with FakeAP § Detecting Scanning analysis § Implementing WPA § 802.1x cracking tools § Deploying LDAP/Active Directory authentication § Deploying RADIUS authentication § Segmentation of network with DMZs § Deploying an SSL VPN in a Wireless Network § Deploying a wireless IDS § Final Audit scan of network and analyze results.
Meet Your Expert Seminar Leaders Jorge Sebastiao, CISSP, ISP, ITIL, BS7799 Lead Auditor CANADIAN, President and CEO ESGulf
In Information Security Mr. Sebastiao as been the speaker at numerous international conferences, delivers training and awareness on a regular basis. Topics include: Wireless, Smart Card, BCP/DRP, Physical Security, Biometrics, Standards, Information Security Insight, Ethical Hacking, BS7799, ISO17799, CISSP Preparation Course, IDS, Firewall, Antivirus, Forensics, Incidence Response. Primary Audiences include: Financial Sector, Telecommunications, Airlines, Government, Defence, and Private Commercial. Previously at Computer Associates Middle East and Computer Associates Canada he implemented leading Enterprise Management, Security Management and Information Management solutions for mission critical business applications. He has guided clients in the integration of current technologies and migration of legacy applications to newer computing paradigms which make use of--object orientation, distributed systems, client/server, multi-tier as well as E-technologies. Mr. Sebastiao also co-authored a consumer credit and information book titled "La Face Cachée du Credit". (at: Jorge@esgulf.com)
آخر تحديث للصفحة 28/03/2005
|
